Today I was looking at a couple of new development VMs that had the issue where it was working in Central Administration but not in Site Settings. None of the usual fixes worked. In fact, all of the settings had been correctly applied before I even looked at the server.

I checked the ULS logs and found an exception suggesting invalid access while trying to write to a registry key:

Searching for the exception I found a TechNet forum post that outlined what I had planned to do next: check which registry key was trying to be accessed and grant the permissions: Managed Metadata Service not working

Before I started changing permissions, I looked at the WSS_ADMIN_WPG local machine group to make sure that it existed and it contained the web application pool service account. The WSS_ADMIN_WPG group provides write access for SharePoint service accounts to local resources like files and registry keys on the local server.

In this case, the service account was in the group which means the Term Store Management page should be working. Knowing this, all we need to do is fix the permissions. Microsoft has documented the permissions on TechNet in Account permissions and security settings. Rather than doing this by hand, or running the risk that some of the other permissions were not correctly set, you can run the Initialize-SPResourceSecurty cmdlet in an elevated SharePoint Management Shell. This will reset all file system and registry permissions.

Initialize-SPResourceSecurity

After running, reloading the Term Store Management page displays the page as expected: